New wave of malware attacks expands in the Middle East

A new wave of malware attacks spread to the Middle East, with special emphasis on the Palestinian authorities. The origin or authorship of these has not yet been determined, although they are related to the so-called Gaza Cybergang APT, a group of politically motivated cybercriminals, who have been operating since 2012. This new wave of attacks has been dubbed the Big Bang.

A new malware attack expands in the Middle East

The operation is traditional in this type of situation. A phishing email is sent with an attachment. There are two files in it, a Word document and a malicious executable file. In these messages, they pose as the Palestinian Police.

New malware in the Middle East

While the victim opens the Word document, the malicious executable file runs in the background. In this way, the user does not know that he is being the victim of an attack and malware enters his computer. Regarding the actions it carries out, the typical actions that these types of attacks usually commit have been detected so far.

Initially, this malware acts as an information thief. Information is obtained from users, although until now it is not known what data is obtained or based on what criteria. Then there is a second phase in which it is dedicated to spying on the user. It is capable of sending information from the infected computer to the attackers' servers.

This malware appears to be capable of self-destruction. As we have said, it is speculated that it could be subtracted related to the so-called Gaza Cybergang APT. Although so far it has not been possible to identify the attackers.